{
  "data": [
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "USER@ESC1.LOCAL",
        "distinguishedname": "CN=USER,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "1 year",
        "renewalperiod": "6 weeks",
        "schemaversion": 1,
        "displayname": "User",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.1",
        "enrollmentflag": "INCLUDE_SYMMETRIC_ALGORITHMS, PUBLISH_TO_DS, AUTO_ENROLLMENT",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "SUBJECT_ALT_REQUIRE_UPN, SUBJECT_ALT_REQUIRE_EMAIL, SUBJECT_REQUIRE_EMAIL, SUBJECT_REQUIRE_DIRECTORY_PATH",
        "enrolleesuppliessubject": false,
        "subjectaltrequireupn": true,
        "ekus": [
          "1.3.6.1.4.1.311.10.3.4",
          "1.3.6.1.5.5.7.3.4",
          "1.3.6.1.5.5.7.3.2"
        ],
        "certificateapplicationpolicy": [],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": [
          "1.3.6.1.4.1.311.10.3.4",
          "1.3.6.1.5.5.7.3.4",
          "1.3.6.1.5.5.7.3.2"
        ],
        "authenticationenabled": true
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-513",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "72F15D5F-C7B4-4FD9-ADCE-302F0D3DC91A",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "SMARTCARDLOGON@ESC1.LOCAL",
        "distinguishedname": "CN=SMARTCARDLOGON,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "1 year",
        "renewalperiod": "6 weeks",
        "schemaversion": 1,
        "displayname": "Smartcard Logon",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.5",
        "enrollmentflag": "NONE",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "SUBJECT_ALT_REQUIRE_UPN, SUBJECT_REQUIRE_DIRECTORY_PATH",
        "enrolleesuppliessubject": false,
        "subjectaltrequireupn": true,
        "ekus": ["1.3.6.1.5.5.7.3.2", "1.3.6.1.4.1.311.20.2.2"],
        "certificateapplicationpolicy": [],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": ["1.3.6.1.5.5.7.3.2", "1.3.6.1.4.1.311.20.2.2"],
        "authenticationenabled": true
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "01BCD578-1031-400B-ADBA-0B8AEAB95929",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "EFS@ESC1.LOCAL",
        "distinguishedname": "CN=EFS,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "1 year",
        "renewalperiod": "6 weeks",
        "schemaversion": 1,
        "displayname": "Basic EFS",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.6",
        "enrollmentflag": "INCLUDE_SYMMETRIC_ALGORITHMS, PUBLISH_TO_DS, AUTO_ENROLLMENT",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "SUBJECT_ALT_REQUIRE_UPN, SUBJECT_REQUIRE_DIRECTORY_PATH",
        "enrolleesuppliessubject": false,
        "subjectaltrequireupn": true,
        "ekus": ["1.3.6.1.4.1.311.10.3.4"],
        "certificateapplicationpolicy": [],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": ["1.3.6.1.4.1.311.10.3.4"],
        "authenticationenabled": false
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-513",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "EDB16956-50D9-4E16-B448-441EFC1D1FB8",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "ADMINISTRATOR@ESC1.LOCAL",
        "distinguishedname": "CN=ADMINISTRATOR,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "1 year",
        "renewalperiod": "6 weeks",
        "schemaversion": 1,
        "displayname": "Administrator",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.7",
        "enrollmentflag": "INCLUDE_SYMMETRIC_ALGORITHMS, PUBLISH_TO_DS, AUTO_ENROLLMENT",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "SUBJECT_ALT_REQUIRE_UPN, SUBJECT_ALT_REQUIRE_EMAIL, SUBJECT_REQUIRE_EMAIL, SUBJECT_REQUIRE_DIRECTORY_PATH",
        "enrolleesuppliessubject": false,
        "subjectaltrequireupn": true,
        "ekus": [
          "1.3.6.1.4.1.311.10.3.1",
          "1.3.6.1.4.1.311.10.3.4",
          "1.3.6.1.5.5.7.3.4",
          "1.3.6.1.5.5.7.3.2"
        ],
        "certificateapplicationpolicy": [],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": [
          "1.3.6.1.4.1.311.10.3.1",
          "1.3.6.1.4.1.311.10.3.4",
          "1.3.6.1.5.5.7.3.4",
          "1.3.6.1.5.5.7.3.2"
        ],
        "authenticationenabled": true
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "251BB763-E8FE-4B7A-9E61-1EDE247847E1",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "EFSRECOVERY@ESC1.LOCAL",
        "distinguishedname": "CN=EFSRECOVERY,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "5 years",
        "renewalperiod": "6 weeks",
        "schemaversion": 1,
        "displayname": "EFS Recovery Agent",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.8",
        "enrollmentflag": "INCLUDE_SYMMETRIC_ALGORITHMS, AUTO_ENROLLMENT",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "SUBJECT_ALT_REQUIRE_UPN, SUBJECT_REQUIRE_DIRECTORY_PATH",
        "enrolleesuppliessubject": false,
        "subjectaltrequireupn": true,
        "ekus": ["1.3.6.1.4.1.311.10.3.4.1"],
        "certificateapplicationpolicy": [],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": ["1.3.6.1.4.1.311.10.3.4.1"],
        "authenticationenabled": false
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "E249A350-93EA-4290-9E28-CFC9A5718C86",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "CODESIGNING@ESC1.LOCAL",
        "distinguishedname": "CN=CODESIGNING,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "1 year",
        "renewalperiod": "6 weeks",
        "schemaversion": 1,
        "displayname": "Code Signing",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.9",
        "enrollmentflag": "AUTO_ENROLLMENT",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "SUBJECT_ALT_REQUIRE_UPN, SUBJECT_REQUIRE_DIRECTORY_PATH",
        "enrolleesuppliessubject": false,
        "subjectaltrequireupn": true,
        "ekus": ["1.3.6.1.5.5.7.3.3"],
        "certificateapplicationpolicy": [],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": ["1.3.6.1.5.5.7.3.3"],
        "authenticationenabled": false
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "E928FF44-D63B-4C60-B20A-94B72B782E38",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "ENROLLMENTAGENT@ESC1.LOCAL",
        "distinguishedname": "CN=ENROLLMENTAGENT,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "2 years",
        "renewalperiod": "6 weeks",
        "schemaversion": 1,
        "displayname": "Enrollment Agent",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.11",
        "enrollmentflag": "AUTO_ENROLLMENT",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "SUBJECT_ALT_REQUIRE_UPN, SUBJECT_REQUIRE_DIRECTORY_PATH",
        "enrolleesuppliessubject": false,
        "subjectaltrequireupn": true,
        "ekus": ["1.3.6.1.4.1.311.20.2.1"],
        "certificateapplicationpolicy": [],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": ["1.3.6.1.4.1.311.20.2.1"],
        "authenticationenabled": false
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "CDDAE05D-4623-464C-AB48-AE38BC7EC8BA",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "ENROLLMENTAGENTOFFLINE@ESC1.LOCAL",
        "distinguishedname": "CN=ENROLLMENTAGENTOFFLINE,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "2 years",
        "renewalperiod": "6 weeks",
        "schemaversion": 1,
        "displayname": "Exchange Enrollment Agent (Offline request)",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.12",
        "enrollmentflag": "NONE",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "ENROLLEE_SUPPLIES_SUBJECT",
        "enrolleesuppliessubject": true,
        "subjectaltrequireupn": false,
        "ekus": ["1.3.6.1.4.1.311.20.2.1"],
        "certificateapplicationpolicy": [],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": ["1.3.6.1.4.1.311.20.2.1"],
        "authenticationenabled": false
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "43616DDD-A336-439F-8A08-088CC0AA85C1",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "MACHINEENROLLMENTAGENT@ESC1.LOCAL",
        "distinguishedname": "CN=MACHINEENROLLMENTAGENT,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "2 years",
        "renewalperiod": "6 weeks",
        "schemaversion": 1,
        "displayname": "Enrollment Agent (Computer)",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.13",
        "enrollmentflag": "AUTO_ENROLLMENT",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "SUBJECT_ALT_REQUIRE_DNS, SUBJECT_REQUIRE_DNS_AS_CN",
        "enrolleesuppliessubject": false,
        "subjectaltrequireupn": false,
        "ekus": ["1.3.6.1.4.1.311.20.2.1"],
        "certificateapplicationpolicy": [],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": ["1.3.6.1.4.1.311.20.2.1"],
        "authenticationenabled": false
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "39E1A53E-3D9E-4341-A3E8-8F297FEB34CD",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "MACHINE@ESC1.LOCAL",
        "distinguishedname": "CN=MACHINE,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "1 year",
        "renewalperiod": "6 weeks",
        "schemaversion": 1,
        "displayname": "Computer",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.14",
        "enrollmentflag": "AUTO_ENROLLMENT",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "SUBJECT_ALT_REQUIRE_DNS, SUBJECT_REQUIRE_DNS_AS_CN",
        "enrolleesuppliessubject": false,
        "subjectaltrequireupn": false,
        "ekus": ["1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.1"],
        "certificateapplicationpolicy": [],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": ["1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.1"],
        "authenticationenabled": true
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-515",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "C6DC9FD9-2A52-4064-9D8E-ED9BBA52FD51",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "DOMAINCONTROLLER@ESC1.LOCAL",
        "distinguishedname": "CN=DOMAINCONTROLLER,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "1 year",
        "renewalperiod": "6 weeks",
        "schemaversion": 1,
        "displayname": "Domain Controller",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.15",
        "enrollmentflag": "INCLUDE_SYMMETRIC_ALGORITHMS, PUBLISH_TO_DS, AUTO_ENROLLMENT",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "SUBJECT_ALT_REQUIRE_DIRECTORY_GUID, SUBJECT_ALT_REQUIRE_DNS, SUBJECT_REQUIRE_DNS_AS_CN",
        "enrolleesuppliessubject": false,
        "subjectaltrequireupn": false,
        "ekus": ["1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.1"],
        "certificateapplicationpolicy": [],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": ["1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.1"],
        "authenticationenabled": true
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "ESC1.LOCAL-S-1-5-9",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-498",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-516",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "63FB126D-499F-48DA-A707-A134B92764BD",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "CA@ESC1.LOCAL",
        "distinguishedname": "CN=CA,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "5 years",
        "renewalperiod": "6 weeks",
        "schemaversion": 1,
        "displayname": "Root Certification Authority",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.17",
        "enrollmentflag": "NONE",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "ENROLLEE_SUPPLIES_SUBJECT",
        "enrolleesuppliessubject": true,
        "subjectaltrequireupn": false,
        "ekus": [],
        "certificateapplicationpolicy": [],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": [],
        "authenticationenabled": true
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "091BE19E-A0D3-4920-A967-5673A2214268",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "SUBCA@ESC1.LOCAL",
        "distinguishedname": "CN=SUBCA,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "5 years",
        "renewalperiod": "6 weeks",
        "schemaversion": 1,
        "displayname": "Subordinate Certification Authority",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.18",
        "enrollmentflag": "NONE",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "ENROLLEE_SUPPLIES_SUBJECT",
        "enrolleesuppliessubject": true,
        "subjectaltrequireupn": false,
        "ekus": [],
        "certificateapplicationpolicy": [],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": [],
        "authenticationenabled": true
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "441D7EAE-CF79-4B97-83A2-B770C231E4DA",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "IPSECINTERMEDIATEONLINE@ESC1.LOCAL",
        "distinguishedname": "CN=IPSECINTERMEDIATEONLINE,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "2 years",
        "renewalperiod": "6 weeks",
        "schemaversion": 1,
        "displayname": "IPSec",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.19",
        "enrollmentflag": "AUTO_ENROLLMENT",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "SUBJECT_ALT_REQUIRE_DNS, SUBJECT_REQUIRE_DNS_AS_CN",
        "enrolleesuppliessubject": false,
        "subjectaltrequireupn": false,
        "ekus": ["1.3.6.1.5.5.8.2.2"],
        "certificateapplicationpolicy": [],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": ["1.3.6.1.5.5.8.2.2"],
        "authenticationenabled": false
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-515",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-516",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "AACF5D02-3165-4AC7-9AA9-BD604F95011F",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "IPSECINTERMEDIATEOFFLINE@ESC1.LOCAL",
        "distinguishedname": "CN=IPSECINTERMEDIATEOFFLINE,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "2 years",
        "renewalperiod": "6 weeks",
        "schemaversion": 1,
        "displayname": "IPSec (Offline request)",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.20",
        "enrollmentflag": "NONE",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "ENROLLEE_SUPPLIES_SUBJECT",
        "enrolleesuppliessubject": true,
        "subjectaltrequireupn": false,
        "ekus": ["1.3.6.1.5.5.8.2.2"],
        "certificateapplicationpolicy": [],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": ["1.3.6.1.5.5.8.2.2"],
        "authenticationenabled": false
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "4DC38500-E84C-4A92-9354-AE4665CCC80A",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "OFFLINEROUTER@ESC1.LOCAL",
        "distinguishedname": "CN=OFFLINEROUTER,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "2 years",
        "renewalperiod": "6 weeks",
        "schemaversion": 1,
        "displayname": "Router (Offline request)",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.21",
        "enrollmentflag": "NONE",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "ENROLLEE_SUPPLIES_SUBJECT",
        "enrolleesuppliessubject": true,
        "subjectaltrequireupn": false,
        "ekus": ["1.3.6.1.5.5.7.3.2"],
        "certificateapplicationpolicy": [],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": ["1.3.6.1.5.5.7.3.2"],
        "authenticationenabled": true
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "99679751-132B-4732-89EE-E21F0A1B1B30",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "USERSIGNATURE@ESC1.LOCAL",
        "distinguishedname": "CN=USERSIGNATURE,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "1 year",
        "renewalperiod": "6 weeks",
        "schemaversion": 1,
        "displayname": "User Signature Only",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.2",
        "enrollmentflag": "AUTO_ENROLLMENT",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "SUBJECT_ALT_REQUIRE_UPN, SUBJECT_ALT_REQUIRE_EMAIL, SUBJECT_REQUIRE_EMAIL, SUBJECT_REQUIRE_DIRECTORY_PATH",
        "enrolleesuppliessubject": false,
        "subjectaltrequireupn": true,
        "ekus": ["1.3.6.1.5.5.7.3.4", "1.3.6.1.5.5.7.3.2"],
        "certificateapplicationpolicy": [],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": ["1.3.6.1.5.5.7.3.4", "1.3.6.1.5.5.7.3.2"],
        "authenticationenabled": true
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-513",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "176D3356-0094-4E80-868A-00E74B651CC0",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "KEYRECOVERYAGENT@ESC1.LOCAL",
        "distinguishedname": "CN=KEYRECOVERYAGENT,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "2 years",
        "renewalperiod": "6 weeks",
        "schemaversion": 2,
        "displayname": "Key Recovery Agent",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.27",
        "enrollmentflag": "INCLUDE_SYMMETRIC_ALGORITHMS, PEND_ALL_REQUESTS, PUBLISH_TO_KRA_CONTAINER, AUTO_ENROLLMENT",
        "requiresmanagerapproval": true,
        "nosecurityextension": false,
        "certificatenameflag": "SUBJECT_ALT_REQUIRE_UPN, SUBJECT_REQUIRE_DIRECTORY_PATH",
        "enrolleesuppliessubject": false,
        "subjectaltrequireupn": true,
        "ekus": ["1.3.6.1.4.1.311.21.6"],
        "certificateapplicationpolicy": ["1.3.6.1.4.1.311.21.6"],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": ["1.3.6.1.4.1.311.21.6"],
        "authenticationenabled": false
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "1467B8A3-2ACD-4A8B-9CF1-E9333110A00C",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "DOMAINCONTROLLERAUTHENTICATION@ESC1.LOCAL",
        "distinguishedname": "CN=DOMAINCONTROLLERAUTHENTICATION,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "1 year",
        "renewalperiod": "6 weeks",
        "schemaversion": 2,
        "displayname": "Domain Controller Authentication",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.28",
        "enrollmentflag": "NONE",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "ENROLLEE_SUPPLIES_SUBJECT",
        "enrolleesuppliessubject": true,
        "subjectaltrequireupn": false,
        "ekus": [
          "1.3.6.1.5.5.7.3.2",
          "1.3.6.1.5.5.7.3.1",
          "1.3.6.1.4.1.311.20.2.2"
        ],
        "certificateapplicationpolicy": [
          "1.3.6.1.5.5.7.3.2",
          "1.3.6.1.5.5.7.3.1",
          "1.3.6.1.4.1.311.20.2.2"
        ],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": [
          "1.3.6.1.5.5.7.3.2",
          "1.3.6.1.5.5.7.3.1",
          "1.3.6.1.4.1.311.20.2.2"
        ],
        "authenticationenabled": true
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "ESC1.LOCAL-S-1-5-9",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-498",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-516",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-1105",
          "PrincipalType": "User",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-1106",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-1110",
          "PrincipalType": "User",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "75957C42-9FFB-4D75-A297-7CDB8B11D74F",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "EXCHANGEUSERSIGNATURE@ESC1.LOCAL",
        "distinguishedname": "CN=EXCHANGEUSERSIGNATURE,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "1 year",
        "renewalperiod": "6 weeks",
        "schemaversion": 1,
        "displayname": "Exchange Signature Only",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.24",
        "enrollmentflag": "NONE",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "ENROLLEE_SUPPLIES_SUBJECT",
        "enrolleesuppliessubject": true,
        "subjectaltrequireupn": false,
        "ekus": ["1.3.6.1.5.5.7.3.4"],
        "certificateapplicationpolicy": [],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": ["1.3.6.1.5.5.7.3.4"],
        "authenticationenabled": false
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "A938AA1C-1A2E-4636-9926-43EE00945106",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "DIRECTORYEMAILREPLICATION@ESC1.LOCAL",
        "distinguishedname": "CN=DIRECTORYEMAILREPLICATION,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "1 year",
        "renewalperiod": "6 weeks",
        "schemaversion": 2,
        "displayname": "Directory Email Replication",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.29",
        "enrollmentflag": "INCLUDE_SYMMETRIC_ALGORITHMS, PUBLISH_TO_DS, AUTO_ENROLLMENT",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "SUBJECT_ALT_REQUIRE_DIRECTORY_GUID, SUBJECT_ALT_REQUIRE_DNS",
        "enrolleesuppliessubject": false,
        "subjectaltrequireupn": false,
        "ekus": ["1.3.6.1.4.1.311.21.19"],
        "certificateapplicationpolicy": ["1.3.6.1.4.1.311.21.19"],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": ["1.3.6.1.4.1.311.21.19"],
        "authenticationenabled": false
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "ESC1.LOCAL-S-1-5-9",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-498",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-516",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "55BCF264-BBB0-4D50-ACC0-69235586DFC9",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "WORKSTATION@ESC1.LOCAL",
        "distinguishedname": "CN=WORKSTATION,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "1 year",
        "renewalperiod": "6 weeks",
        "schemaversion": 2,
        "displayname": "Workstation Authentication",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.30",
        "enrollmentflag": "AUTO_ENROLLMENT",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "SUBJECT_ALT_REQUIRE_DNS",
        "enrolleesuppliessubject": false,
        "subjectaltrequireupn": false,
        "ekus": ["1.3.6.1.5.5.7.3.2"],
        "certificateapplicationpolicy": ["1.3.6.1.5.5.7.3.2"],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": ["1.3.6.1.5.5.7.3.2"],
        "authenticationenabled": true
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-515",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "3C412345-7109-47BC-B33E-D765B14BBE99",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "RASANDIASSERVER@ESC1.LOCAL",
        "distinguishedname": "CN=RASANDIASSERVER,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "1 year",
        "renewalperiod": "6 weeks",
        "schemaversion": 2,
        "displayname": "RAS and IAS Server",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.31",
        "enrollmentflag": "AUTO_ENROLLMENT",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "SUBJECT_ALT_REQUIRE_DNS, SUBJECT_REQUIRE_COMMON_NAME",
        "enrolleesuppliessubject": false,
        "subjectaltrequireupn": false,
        "ekus": ["1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.1"],
        "certificateapplicationpolicy": [
          "1.3.6.1.5.5.7.3.2",
          "1.3.6.1.5.5.7.3.1"
        ],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": ["1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.1"],
        "authenticationenabled": true
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-553",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "8426B1B2-6678-4223-BB03-0EBA065D8976",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "OCSPRESPONSESIGNING@ESC1.LOCAL",
        "distinguishedname": "CN=OCSPRESPONSESIGNING,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "2 weeks",
        "renewalperiod": "2 days",
        "schemaversion": 3,
        "displayname": "OCSP Response Signing",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.32",
        "enrollmentflag": "ADD_OCSP_NOCHECK, NOREVOCATIONINFOINISSUEDCERTS",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "SUBJECT_ALT_REQUIRE_DNS, SUBJECT_REQUIRE_DNS_AS_CN",
        "enrolleesuppliessubject": false,
        "subjectaltrequireupn": false,
        "ekus": ["1.3.6.1.5.5.7.3.9"],
        "certificateapplicationpolicy": ["1.3.6.1.5.5.7.3.9"],
        "authorizedsignatures": 0,
        "applicationpolicies": [
          "msPKI-Asymmetric-Algorithm`PZPWSTR`RSA`msPKI-Hash-Algorithm`PZPWSTR`SHA1`msPKI-Key-Security-Descriptor`PZPWSTR`D:P(A;;FA;;;BA)(A;;FA;;;SY)(A;;GR;;;S-1-5-80-3804348527-3718992918-2141599610-3686422417-2726379419)`msPKI-Key-Usage`DWORD`2`"
        ],
        "issuancepolicies": [],
        "effectiveekus": ["1.3.6.1.5.5.7.3.9"],
        "authenticationenabled": false
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "9F29EC9F-1DF5-4505-82FB-3DB8B952FDE3",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "KERBEROSAUTHENTICATION@ESC1.LOCAL",
        "distinguishedname": "CN=KERBEROSAUTHENTICATION,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "1 year",
        "renewalperiod": "6 weeks",
        "schemaversion": 2,
        "displayname": "Kerberos Authentication",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.33",
        "enrollmentflag": "AUTO_ENROLLMENT",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "SUBJECT_ALT_REQUIRE_DOMAIN_DNS, SUBJECT_ALT_REQUIRE_DNS",
        "enrolleesuppliessubject": false,
        "subjectaltrequireupn": false,
        "ekus": [
          "1.3.6.1.5.5.7.3.2",
          "1.3.6.1.5.5.7.3.1",
          "1.3.6.1.4.1.311.20.2.2",
          "1.3.6.1.5.2.3.5"
        ],
        "certificateapplicationpolicy": [
          "1.3.6.1.5.5.7.3.2",
          "1.3.6.1.5.5.7.3.1",
          "1.3.6.1.4.1.311.20.2.2",
          "1.3.6.1.5.2.3.5"
        ],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": [
          "1.3.6.1.5.5.7.3.2",
          "1.3.6.1.5.5.7.3.1",
          "1.3.6.1.4.1.311.20.2.2",
          "1.3.6.1.5.2.3.5"
        ],
        "authenticationenabled": true
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "ESC1.LOCAL-S-1-5-9",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-498",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-516",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "64AC5BD1-1DE3-46D4-9796-5C9D98E4B0F7",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "ESC1@ESC1.LOCAL",
        "distinguishedname": "CN=ESC1,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1665175875,
        "validityperiod": "1 year",
        "renewalperiod": "6 weeks",
        "schemaversion": 2,
        "displayname": "ESC1",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.13327915.10315889",
        "enrollmentflag": "INCLUDE_SYMMETRIC_ALGORITHMS, PUBLISH_TO_DS",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "ENROLLEE_SUPPLIES_SUBJECT",
        "enrolleesuppliessubject": true,
        "subjectaltrequireupn": false,
        "ekus": [
          "1.3.6.1.5.5.7.3.2",
          "1.3.6.1.5.5.7.3.4",
          "1.3.6.1.4.1.311.10.3.4"
        ],
        "certificateapplicationpolicy": [
          "1.3.6.1.5.5.7.3.2",
          "1.3.6.1.5.5.7.3.4",
          "1.3.6.1.4.1.311.10.3.4"
        ],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": [
          "1.3.6.1.5.5.7.3.2",
          "1.3.6.1.5.5.7.3.4",
          "1.3.6.1.4.1.311.10.3.4"
        ],
        "authenticationenabled": true
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-500",
          "PrincipalType": "User",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-500",
          "PrincipalType": "User",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-500",
          "PrincipalType": "User",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-1105",
          "PrincipalType": "User",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-1106",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-1110",
          "PrincipalType": "User",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-1112",
          "PrincipalType": "User",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "DEBC8BEB-40AF-48B5-940F-AAFAFE961B26",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "CLIENTAUTH@ESC1.LOCAL",
        "distinguishedname": "CN=CLIENTAUTH,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "1 year",
        "renewalperiod": "6 weeks",
        "schemaversion": 1,
        "displayname": "Authenticated Session",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.4",
        "enrollmentflag": "AUTO_ENROLLMENT",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "SUBJECT_ALT_REQUIRE_UPN, SUBJECT_REQUIRE_DIRECTORY_PATH",
        "enrolleesuppliessubject": false,
        "subjectaltrequireupn": true,
        "ekus": ["1.3.6.1.5.5.7.3.2"],
        "certificateapplicationpolicy": [],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": ["1.3.6.1.5.5.7.3.2"],
        "authenticationenabled": true
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-513",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "67CE0FEC-166C-4E5E-BF87-6FBAF0E9C8A8",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "SMARTCARDUSER@ESC1.LOCAL",
        "distinguishedname": "CN=SMARTCARDUSER,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "1 year",
        "renewalperiod": "6 weeks",
        "schemaversion": 1,
        "displayname": "Smartcard User",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.3",
        "enrollmentflag": "INCLUDE_SYMMETRIC_ALGORITHMS, PUBLISH_TO_DS",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "SUBJECT_ALT_REQUIRE_UPN, SUBJECT_ALT_REQUIRE_EMAIL, SUBJECT_REQUIRE_EMAIL, SUBJECT_REQUIRE_DIRECTORY_PATH",
        "enrolleesuppliessubject": false,
        "subjectaltrequireupn": true,
        "ekus": [
          "1.3.6.1.5.5.7.3.4",
          "1.3.6.1.5.5.7.3.2",
          "1.3.6.1.4.1.311.20.2.2"
        ],
        "certificateapplicationpolicy": [],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": [
          "1.3.6.1.5.5.7.3.4",
          "1.3.6.1.5.5.7.3.2",
          "1.3.6.1.4.1.311.20.2.2"
        ],
        "authenticationenabled": true
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "4376BA2D-B316-41E1-96DF-A0CB1EA0667F",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "CAEXCHANGE@ESC1.LOCAL",
        "distinguishedname": "CN=CAEXCHANGE,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "1 week",
        "renewalperiod": "1 day",
        "schemaversion": 2,
        "displayname": "CA Exchange",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.26",
        "enrollmentflag": "INCLUDE_SYMMETRIC_ALGORITHMS",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "ENROLLEE_SUPPLIES_SUBJECT",
        "enrolleesuppliessubject": true,
        "subjectaltrequireupn": false,
        "ekus": ["1.3.6.1.4.1.311.21.5"],
        "certificateapplicationpolicy": ["1.3.6.1.4.1.311.21.5"],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": ["1.3.6.1.4.1.311.21.5"],
        "authenticationenabled": false
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "2D3B649A-50E0-485B-AEF3-6C8ED9DB0A2A",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "CROSSCA@ESC1.LOCAL",
        "distinguishedname": "CN=CROSSCA,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "5 years",
        "renewalperiod": "6 weeks",
        "schemaversion": 2,
        "displayname": "Cross Certification Authority",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.25",
        "enrollmentflag": "PUBLISH_TO_DS",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "ENROLLEE_SUPPLIES_SUBJECT",
        "enrolleesuppliessubject": true,
        "subjectaltrequireupn": false,
        "ekus": [],
        "certificateapplicationpolicy": [],
        "authorizedsignatures": 1,
        "applicationpolicies": ["1.3.6.1.4.1.311.10.3.10"],
        "issuancepolicies": [],
        "effectiveekus": [],
        "authenticationenabled": true
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "08FA76AA-B3B1-480E-81E2-48CC2AF009B5",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "CEPENCRYPTION@ESC1.LOCAL",
        "distinguishedname": "CN=CEPENCRYPTION,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "2 years",
        "renewalperiod": "6 weeks",
        "schemaversion": 1,
        "displayname": "CEP Encryption",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.22",
        "enrollmentflag": "NONE",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "ENROLLEE_SUPPLIES_SUBJECT",
        "enrolleesuppliessubject": true,
        "subjectaltrequireupn": false,
        "ekus": ["1.3.6.1.4.1.311.20.2.1"],
        "certificateapplicationpolicy": [],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": ["1.3.6.1.4.1.311.20.2.1"],
        "authenticationenabled": false
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "89486D6B-D221-4435-9544-9CDC8B4E6933",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "WEBSERVER@ESC1.LOCAL",
        "distinguishedname": "CN=WEBSERVER,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "2 years",
        "renewalperiod": "6 weeks",
        "schemaversion": 1,
        "displayname": "Web Server",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.16",
        "enrollmentflag": "NONE",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "ENROLLEE_SUPPLIES_SUBJECT",
        "enrolleesuppliessubject": true,
        "subjectaltrequireupn": false,
        "ekus": ["1.3.6.1.5.5.7.3.1"],
        "certificateapplicationpolicy": [],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": ["1.3.6.1.5.5.7.3.1"],
        "authenticationenabled": false
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "621424AD-1DD5-487C-B38D-12D094A38153",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "CTLSIGNING@ESC1.LOCAL",
        "distinguishedname": "CN=CTLSIGNING,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "1 year",
        "renewalperiod": "6 weeks",
        "schemaversion": 1,
        "displayname": "Trust List Signing",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.10",
        "enrollmentflag": "AUTO_ENROLLMENT",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "SUBJECT_ALT_REQUIRE_UPN, SUBJECT_REQUIRE_DIRECTORY_PATH",
        "enrolleesuppliessubject": false,
        "subjectaltrequireupn": true,
        "ekus": ["1.3.6.1.4.1.311.10.3.1"],
        "certificateapplicationpolicy": [],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": ["1.3.6.1.4.1.311.10.3.1"],
        "authenticationenabled": false
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "F951BBAA-F10A-4A70-9507-BCD8F188D70B",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    },
    {
      "Properties": {
        "domain": "ESC1.LOCAL",
        "name": "EXCHANGEUSER@ESC1.LOCAL",
        "distinguishedname": "CN=EXCHANGEUSER,CN=CERTIFICATE TEMPLATES,CN=PUBLIC KEY SERVICES,CN=SERVICES,CN=CONFIGURATION,DC=ESC1,DC=LOCAL",
        "domainsid": "S-1-5-21-909015691-3030120388-2582151266",
        "description": null,
        "whencreated": 1664426237,
        "validityperiod": "1 year",
        "renewalperiod": "6 weeks",
        "schemaversion": 1,
        "displayname": "Exchange User",
        "oid": "1.3.6.1.4.1.311.21.8.12059088.7148202.5130407.12905872.6174753.77.1.23",
        "enrollmentflag": "INCLUDE_SYMMETRIC_ALGORITHMS",
        "requiresmanagerapproval": false,
        "nosecurityextension": false,
        "certificatenameflag": "ENROLLEE_SUPPLIES_SUBJECT",
        "enrolleesuppliessubject": true,
        "subjectaltrequireupn": false,
        "ekus": ["1.3.6.1.5.5.7.3.4"],
        "certificateapplicationpolicy": [],
        "authorizedsignatures": 0,
        "applicationpolicies": [],
        "issuancepolicies": [],
        "effectiveekus": ["1.3.6.1.5.5.7.3.4"],
        "authenticationenabled": false
      },
      "Aces": [
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Owns",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteDacl",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "WriteOwner",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-512",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        },
        {
          "PrincipalSID": "S-1-5-21-909015691-3030120388-2582151266-519",
          "PrincipalType": "Group",
          "RightName": "Enroll",
          "IsInherited": false
        }
      ],
      "ObjectIdentifier": "3F2F49C7-53C2-4AFB-8DA2-306C2CD1DDCA",
      "IsDeleted": false,
      "IsACLProtected": true,
      "ContainedBy": {
        "ObjectIdentifier": "95D1A36E-7782-4CC5-823C-F5994359DDC0",
        "ObjectType": "Container"
      }
    }
  ],
  "meta": {
    "methods": 521215,
    "type": "certtemplates",
    "count": 34,
    "version": 6
  }
}
